October is here, a month most people will associate with Halloween. But for the last 10 years, it’s also been time to focus on another terrifying topic: cybersecurity. The U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA) designated October as National Cybersecurity Awareness Month in 2004 in order to build awareness about online threats and help protect individuals, businesses and communities from seriously scary stuff online.
The month’s agenda includes running social media campaigns, hanging posters about cybersecurity in schools and workplaces, and hosting events around the country to discuss the potential security pitfalls of being online. Each week of the month will have a different online security-related theme, including “Critical Infrastructure and the Internet of Things” and “Secure Development of IT Products.”
A decade in and the monthlong focus on cybersecurity has never been more germane. There have been plenty of very public developments in the cybersecurity space since last October. As technology advances rapidly, so do the abilities of criminals to attack technological systems.
Perhaps the most-talked-about cybersecurity issues of the past year are the retail industry breaches that have affected consumers. Hackers have hit retailers hard these past 12 months, including Target Corp., Neiman Marcus Group, The Michaels Cos. Inc. and most recently Home Depot Inc. These attacks stood out because they impacted so many consumers, Michael Kaiser, executive director of NCSA, told CorpCounsel.com. “The brands that got hit are brands that people use almost every day or many Americans have used at some point,” he said.
Then, there were other problems outside of the retail sector that generated cybersecurity headlines and impacted individuals and businesses on a personal level. One was the Heartbleed bug, discovered back in April. More recently, the discovery of the Shellshock bug has posed a serious threat.
To some degree, Internet users seem to be becoming more responsive to these cyberevents, indicating a shift in the way they think about their own online security. Kaiser pointed to a Pew Research Internet Project poll revealing that after the Heartbleed bug was detected and publicized, 39 percent of surveyed users took steps to secure their online accounts and information. Kaiser said the fact that there is a significant percentage of people aware enough to do that is good news. “You have to have the cultural awareness,” said Kaiser. “You can’t just say these cybersecurity threats are something that is abstract and esoteric.” Then again, he added, surveys are still showing that Web users aren’t always as conscious as they should be of cyberrisk. Many people are still using vulnerable passwords such as “123456” or “password.”
Kaiser sees two-step verifications of passwords as the way of the future if companies and individuals want to reduce the potential for being harmed by a cyberattack. In these setups, the user not only enters a password into a site or app, but also has a second method of verifying their identity, such as swiping a fingerprint or confirming who they are via a text message. “We’re going to start to see a lot of creativity out there in the marketplace around this,” Kaiser said.
Other developments in cybersecurity since last October have extended to the federal government. The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) finalized a framework in February 2014 that serves as a guide for private and public companies working with critical infrastructure and wanting to reduce cyberrisk.
This article has been extracted from http://www.corpcounsel.com/, please click on this link to read the article in full http://www.corpcounsel.com/id=1202671986301/Scarier-Than-Halloween-An-October-Focus-on-Cybersecurity#ixzz3Ez7NqG7G
Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.